Cybersecurity Funding

July 20, 2021

Cybersecurity Funding

How much is the right amount?

Never an easy one to answer, the question of funding has two distinct aspects.

First, are you “brilliant at the basics”? That is, have you invested properly to resolve challenges of any magnitude—from intruders who want to target a particular customer, use our infrastructure, or even trumpet a cause, to attackers after our “crown jewels,” the data that is most critical to our operations and our differentiation in the market.

Getting the basics right is not easy. Otherwise, we would not see successful ransomware attacks such as WannaCry and Petya, the majority of which were avoidable with basic security hygiene like keeping your IT environment up to date. In fact, the official report following a major attack on a government agency noted that it “could have been prevented if ‘basic IT security’ precautions had been taken.”

Companies must do more to understand and prepare for the many potential intentions of cyber attackers and to “harden” their high- value assets. They must make it as difficult as possible for attackers and limit the damage when they do breach defenses.

The second question for funding is about innovation to improve your cybersecurity and data protection. With all the new technologies and new ways of getting in, the cyber attackers are finding it far too easy. Companies need to lower the cost (or at least slow down the increases) of cybersecurity while improving the overall capability. The only way to do this is to innovate. When the attackers find a way into your company, you need to employ breakthrough innovations to prevent or disarm those schemes, including:

  • Advanced cyber analytics and user behavior analytics to help identify unusual activity.
  • AI and machine learning to capture expertise and spread it throughout the organization.
  • Blockchain to shore up security in your supply chain by enabling you to monitor goods in transit and analyze suspicious transactions.
  • Advanced identity and access management—think two-step authentication and biometrics—to make it harder for the attackers to impersonate authorized personnel.

Breakthrough innovations result from sound ecosystems. Think of the startup community as your route to innovation and experimentation. Once you find the partners that will drive the most value in your security mission, you need to be able to scale rapidly across the organization.

To put it in financial terms, the right level of funding for cybersecurity understands the critical importance of the brilliant basics and the need for cutting-edge innovation. Both sides of the equation are “must haves.”